Bankr Dev - NFT Operations

Warn

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and acts on public NFT marketplace data (e.g., OpenSea URLs and collection listings such as "Buy this NFT: https://opensea.io/..." and floor/collection queries), which is untrusted, user-generated content the agent must fetch and interpret at runtime.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly exposes operations to purchase NFTs (examples: "Buy the floor NFT from {collection}", "Buy this NFT: {opensea_url}", "Buy with budget"), lists supported EVM chains (Ethereum, Polygon, Base), and provides an execute(...) client call to perform those actions. It also references checking ETH balance before purchases. These are specific crypto/transaction actions (initiating on‑chain marketplace purchases), not generic browsing or generic API calls. Therefore it grants direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 15, 2026, 06:45 PM